AWS EC2 Instance: Web App successfully deployed but remains unreachable on the browser
I have a MERN app and I have successfully deployed it on an AWS EC2 instance.
In the production environment, the app is served on port 80.
So when I try to access it on the browser by entering:
EC2_INSTANCE_PUBLIC_IP_ADDRESS:80
or
EC2_INSTANCE_PUBLIC_IP_ADDRESS
It just keeps loading until it finally reaches this state:
This site can’t be reached EC2_INSTANCE_PUBLIC_IP_ADDRESS took too long to respond.
Try:
Checking the connection Checking the proxy and the firewall ERR_CONNECTION_TIMED_OUT
I tried to run the frontend app separately as I do in the development environment on port 3000, so when I try to access it on
EC2_INSTANCE_PUBLIC_IP_ADDRESS:3000
The same thing happens.
Any idea what's going on?
Check the security group associated with the EC2 instance. The security group can be seen as the firewall configuration associated with the EC2 instance.
Your security group will need to have an inbound rule defined for port 80 (or 3000 as per your question and\or active configuration). You don't need to have an outbound rule:
Security groups are stateful - if you send a request from your instance, the response traffic for that request is allowed to flow in regardless of inbound security group rules. Responses to allowed inbound traffic are allowed to flow out, regardless of outbound rules.
I'll check the security group first. If it still doesn't work then there might be a problem with the reachability of the EC2 instance's subnet from the internet. For example, it might not be connected to an internet gateway.
More advanced:
There are other ways besides an internet gateway to connect your subnet to the internet, eg NAT gateways and VPN connections. Yet it seems that you are comfortable connecting to your work using a public IP, just make sure you configure your security group with a restrictive inbound rule specific to your personal IP address followed by a /32 CIDR (play around with the security group GUI, as I recall AWS can auto-populate your IP for you and then you'll see that it has a /32 suffix)
Additional notes:
You don't need a outbound rule for your security group to connect to the EC2 instance across the internet, but you might want to specify a very lax outbound rule so that you can connect to the EC2 instance and retrieve things from the internet. Without an outbound rule you won't even be able to retrieve packages you might want to install (eg yum install -y some_package)
- AWS RDS restoring snapshot with upgraded engine version giving error
- Error with not existing instance profile while trying to get a django project running on AWS Beanstalk
- Timeout when trying to retrieve EC2 instance-id metadata from within it
- Lease table is not updated when new shards are added causing stale workers in KCL
- libsndfile.so.1: cannot open shared object file: No such file or directory
- Why does ECS binpack strategy on memory always scale up a new EC2 instance despite available resources?
- How to pull every single image (tag or untagged) from AWS ECR?
- In CloudFormation how can I link RDS and Secrets Manager so I don't have to hardcode the password?
- How to install postgresql-client to Amazon EC2 Linux machine?
- PyCharm: Why "Python Console" is not accessing ~\.aws\credentials file? How to set it within "Python Console"
- Is it possible to run aws s3 sync with boto3?
- Python 3 asyncio with aioboto3 seems sequential
- Serverless / AWS Lambda - Create the triggers for the published lambda versions
- AWS Glue missing permissions
- Invoking lambda from API gateway test, but hitting the endpoint does not invoke the lambda. 500 returned
- terraform destroy needs original terraform code to destroy?
- How to correctly/safely access parameters from AWS SSM Parameter store for my Python script on EC2 instance?
- Why is my image not displaying on my Web page?
- How to copy blobs from azure to aws using python?
- S3 Bucket action doesn't apply to any resources
- Couldn't proceed with upgrade process as new nodes are not joining node group standard-workers
- How to customize "From" name for SNS emails
- Changing the name of a Load Balancer on AWS Console
- AWS S3 Bucket Access Issue with IAM User Permissions
- how to decrease the exceution time of aws lambda function nodejs
- Row was updated or deleted by another transaction (or unsaved-value mapping was incorrect)
- Downloading an entire S3 bucket?
- Unable to unzip .zip file on linux machine
- Missing Authentication Token while accessing API Gateway?
- AWS S3 Access Denied when open object URL in browser